5 Useful WordPress Functions You Didn’t Know Existed

Deep within the source code of WordPress lies an endless list of useful functions just waiting for you to use them in your theme or plugin. The problem is, most people don’t know they exist, probably because the Codex is ridiculously underdeveloped, and most people hate looking through source code. Luckily for you, reading the WordPress source code is a hobby of mine.

So, I compiled a list of some of my favorites. Some are simple and can be used by pretty much everyone; others have less common uses; but, all of them are incredibly useful.

1. wp_mail()

The wp_mail() function is essentially a super-easy function that allows you to easily send an email to anyone you want by just passing a few simple arguments. For example:

You can also specify third and fourth parameter, $headers and $attachments. Seriously, this function takes all of the heavy lifting out of sending pretty much any kind of email you can think of.

You can check out the function reference on the Codex here, or you can check out the source code for the function here (which I highly recommend).

2. wp_loginout()

This function gives us the ability to display a “Login” link on our theme, so we can easily log in without having to manually type in the /wp-admin/ or /wp-login.php URL. But it goes beyond just that. If we’re already logged in, instead of displaying a “Login” link, it displays a “Logout” link that allows us to log out of our account without having to visit the dashboard.

This function is incredibly useful for theme authors, since it does all the logic for you. If you’re still manually adding the link to login our logout, you’re wasting your time. Do yourself a favor and use wp_loginout().

You can check out the template tag reference on the Codex here, or you can check out the source code for the function here.

3. clean_url()

UPDATE: WordPress has recently deprecated this function and replaced it with esc_url() and esc_url_raw(). Definitely stay current with the functions you use.

This function takes a URL input and tests it to make sure it is structured correctly. It can add the http:// to the front of a URL if it’s missing, it converts ampersands to their correct HTML character, and a few other things that fix poorly structured URLs.

There are use-cases a-plenty, but the one that comes to my mind is the ability to let a user enter a URL in a theme options or plugin settings page, and NOT require them to “include http://“. If the function did nothing else, that alone would make it useful to me.

You can check out the function reference on the Codex here, or you can check out the source code for the function here.

4. wpautop()

This function is converts line breaks in strings of text to <br /> tags, and makes a double line break into a new paragraph by ending the first paragraph, </p>, and starting a new one, <p>. It also opens and closes the entire string with paragraph tags, so the whole thing is formatted correctly.

If you are ever storing strings of text in a database that you need to display on the front end, but wondered how to turn those line breaks into valid HTML during output, this is the function for you. In fact, this is the function WordPress uses to format posts when outputting the_content().

You can check out the function reference on the Codex here, or you can check out the source code for the function here.

5. wp_rss() / get_rss()

These functions can pull in data from an RSS feed, parse it, and (depending on how you handle it) can display the data in a useful format like a list with links.

UPDATE: WordPress has recently deprecated these functions and replaced them with a MUCH better function, fetch_feed(). This new function is beneficial because it uses the SimplePie RSS tool to parse the feed, and uses built-in WordPress caching mechanism (Transients) to store the data locally, which keeps things quick.

I’ve used these functions on several client sites where they wanted me to pull in stories from other news sources to be displayed in a section of their website. All you need to do is provide an RSS feed address, and the function(s) do(es) the hard work.

One caveat is that you do need to do a PHP include before you can use these functions. It’s only one extra line of code though:

<?php
include_once(ABSPATH . WPINC . '/rss.php'); // < -- this is the include call
wp_rss('http://example.com/rss/feed/goes/here', 5); // <-- this is the function
?>

You can check out the function reference for wp_rss() here, or get_rss() here, or you can view the source code for each of the functions here.

Thanks for the article. I recently start using WordPress as CMS for some clients and such functions will prove to be good but I have a question for you.
Like I have integrated bbPress and WordPress and at the homepage I want to show the latest discussion topics (threads). I can do that either by using WP functions or by using a plugin. Won’t it be good using it as a plugin as plugin will update over time even if WP changes its functions (at least it has a higher probability than my custom piece of code). Any words about the performance gain my using custom code in place of plugin would also be appreciated.

I got your snotty little message about updating from IE6 or ditching IE altogether. Funny, I’m not using any version of IE. You should get your act together before being snide to your readers. Actually, you shouldn’t be snide to your readers period. You’re not half as smart as you think you are.

That’s a great article Nathan. Not sure though about get_rss(), since this relies on Magpie which is deprecated now that Simplepie is bundled and that doesn’t use, if I’m correct, the new standard WP_Http class.

It still uses magpie? You’d think that they would have used simplepie, if they had it available.

Unfortunately, wp_rss() has limitations in that you can’t really control the output like you can with get_rss(), since get_rss() just returns an object that you can loop through and display however you want.

Great post! I work on client WP sites from time to time. I have a security question about the first suggestion. What keeps the spammers from misappropriating wp_mail() ? In other words, how secure is that function when used by itself. I looked at the Codex entry- not much there. I looked at the source code, and not being a PHP programmer, I couldn’t tell if there are anti-spam stop gaps in place. Thanks again.
-Nigel

Because it’s just a function that sends mail, I highly doubt it does anything as far as spam filtering. That would have to be done before the mail is actually sent. In fact, there are plugins out there (Contact Form 7, for instance) that check the sender name and email against Akismet before sending. I don’t, myself, know how to do that, but it obviously can be done. I get very little, if any, spam from my contact form.

Nathan, Thanks for the reply. When you say you receive very little spam from your forms, it sounds like you don’t get spam to your personal email account that originates from your forms. That’s not exactly what I’m concerned about.

Back in my early days of building static sites (non- CMS) we used various web to email forms that had no spam protections. This worked fine for several years. However, around 2003 spammers began using these unprotected scripts as spam engines to generate thousands of spam email messages to unsuspecting third parties. We started building in URL referrer checking code, and other things to protect against abuse of our sites.

You mentioned Contact Form which has anti-spam measures built-in. I’ve used it, and I like it. Given today’s prevalence of highly motivated spammers, I would never deploy web forms that could be exploited. Here is an article about web form spam security: http://www.nyphp.org/phundamentals/email_header_injection.php